List: Log4j Vulnerability Scanners…

by

January 6, 2022

It might be a new year, but we still have the same old problems. Log4j, like COVID-19 and its many variants, is still circulating our collective ecosystem. 

If you’re worried you might be at risk, here’s a helpful list of scanners and tools dedicated to looking for Log4j:

  1. Amazon Inspector and AWS – Made for scanning Amazon EC2 instances and Amazon Elastic Container Registry images, this tool automates scanning and runs continuously. Scanning is driven by things like the installation of new software packages, and the publication of new common vulnerability and exposure (CVEs).
  2. Arctic Wolf – Publicly available on GitHub. Log4Shell Deep Scan enables detection of both CVE-2021-45046 and CVE-2021-44228 within nested JAR files, as well as WAR and EAR files.
  3. Bi.Zone – Also on on GitHub, Bi.Zone’s tool scans the memory of Java processes for Log4j signatures. The scanner functions directly on the host, rather than through the Internet. The scan output is a list of hosts that contain applications with Log4j, which enables MSSPs and users to personally check if the library version is vulnerable.
  4. CISA: The Cybersecurity and Infrastructure Security Agency (CISA) modified a Log4J scanner created by security company FullHunt and got help from other researchers like Philipp Klaus and Moritz Bechler, ZDnet reported.
  5. CrowdStrike: The company released a free Log4J scanner called CrowdStrike Archive Scan Tool (CAST).
  6. CyberCNS: The company’s vulnerability scanner supports detection of the Log4j vulnerability, according to a CyberCNS home page message. Hundreds of MSPs and MSSPs run the CyberCNS Vulnerability Manager to help small businesses meet regulatory and compliance frameworks, the company says.
  7. Cyrisma: The cybersecurity posture management platform offers this Log4j vulnerability mitigation technology for MSPs, MSSPs, information security consulting firms and incident response firms.
  8. Datto, the MSP software, backup appliance and technology provider, has created the Log4Shell Enumeration, Mitigation and Attack Detection Tool for Windows and Linux. The tool downloads and executes the latest detection methods published by Florian Roth.
  9. F-Secure: The company’s F-Secure Elements Vulnerability Management platform allows MSPs and MSSPs to identify Log4j vulnerabilities.
  10. Huntress: The MDR provider to MSPs and MSSPs introduced this Log4Shell vulnerability tester.
  11. Liongard: The automation software company, focused on MSPs, released a  Log4j Audit report within the Liongard platform to make it easy for partners to see how the Log4j vulnerabilities are impacting their customers and their systems, Liongard to MSSP Alert.
  12. Microsoft Defender for Endpoint: Multiple updates… The Microsoft 365 Defender portal now features a consolidated Log4j dashboard to help customers identify and remediate files, software and devices that are exposed to the Log4j vulnerabilities. Source: Microsoft.Microsoft has updated the Threat and Vulnerability Management capabilities in Microsoft Defender for Endpoint to surface Log4j library components that are vulnerable to CVE-2021-44228. These capabilities automatically discover vulnerable Log4j libraries in products and services installed on Windows clients and Windows servers.
  13. Qualys is making its Web Application Scanning (WAS) solution available free for 30 days, beginning December 17, 2021. The tool can scan web applications and APIs for the Log4Shell (CVE-2021-44228) vulnerability, Qualys included.
  14. Sonatype: The supply chain software security company says its Nexus Open Source Vulnerability Scanner allows partners to spot the Log4j vulnerability.
  15. Tenable: The company has released scan templates for Tenable.io, Tenable.sc, Tenable.io WAS and Nessus Professional which are p”re-configured to allow quick scanning for this vulnerability.” Dashboards are also available in Tenable.io and Tenable.sc.
  16. Trend Micro Log4j Vulnerability Tester: This web-based tool can help identify server applications that may be affected by the Log4Shell (CVE-2021-44228, CVE-2021-45046) vulnerability.

Bonus – Log4j Guidance From CISA: Here is regularly updated Log4j vulnerability mitigation guidance from the CISA(Cybersecurity and Infrastructure Security Agency).

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Don’t forget to follow us on LinkedIn and Twitter

We're Integris. We're always working to empower people through technology.

Keep reading

What Are Best Practices for Managing IT Projects?

What Are Best Practices for Managing IT Projects?

What Are Best Practices for Managing IT Projects? The Quick Take Managing IT projects effectively is crucial for ensuring success and maximizing ROI. Here are the best practices to follow: Define Clear Objectives and Scope: Set specific, measurable, achievable,...

What Is The Future of Managed IT Services?

What Is The Future of Managed IT Services?

What Is the Future of Managed IT Services? The Quick Take: The future of managed IT services for small and medium-sized businesses is bright, with the market expected to grow from $1.735 trillion to $2.173 trillion by 2028. Key trends driving this growth include:...

The Regulatory Outlook for 2025 and What That Means for Banking IT

The Regulatory Outlook for 2025 and What That Means for Banking IT

With a new administration coming in, 2025 promises to be a year of change. But will it significantly impact banking regulation and your bank’s cybersecurity? No one has a crystal ball, of course, but recent global outlooks for the banking industry seem to point to two...